| ID |
CVE-2017-3765
|
| Sažetak |
In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces. This bypass mechanism can be accessed when performing local authentication under specific circumstances. If exploited, admin-level access to the switch is granted. |
| Reference |
|
| CVSS |
| Base: | 6.2 |
| Impact: | 10.0 |
| Exploitability: | 1.9 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| LOCAL |
HIGH |
NONE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| CVSS vektor |
AV:L/AC:H/Au:N/C:C/I:C/A:C |
| Zadnje važnije ažuriranje |
06-02-2018 - 14:12 |
| Objavljeno |
10-01-2018 - 18:29 |
